SUSE Support

Here When You Need Us

Joining Windows Active Directory domain fails with error "No logon servers found"

This document (7000207) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 10 SP1

Situation

When joining an Active Directory domain using theYaST2 module 'WindowsDomainMembership'the following error is experienced:

ERROR: Failed to join domain: No logon servers found

Looking at the log file /var/log/YaST2/y2log the error is similar to the following 
2008-04-14 13:54:12 <3> linux(21475) [bash] ShellCommand.cc(shellcommand):78 [2008/04/14 13:54:12, 0] utils/net_ads.c:ads_startup_int(286)
2008-04-14 13:54:12 <3> linux(21475) [bash] ShellCommand.cc(shellcommand):78 ads_connect: No logon servers
2008-04-14 13:54:12 <3> linux(21475) [bash] ShellCommand.cc(shellcommand):78 Join to domain is not valid: No logon servers
2008-04-14 13:54:12 <5> linux(21475) [Perl] modules/SambaNetJoin.pm(SambaNetJoin::Test):56 LANG=C net ads testjoin -s /tmp/YaST2-21475-HPsBU8/smb.conf -P =>
$VAR1 = {
          'stderr' =>
'[2008/04/14 13:54:12, 0] utils/net_ads.c:ads_startup_int(286)

  ads_connect: No logon servers
  Join to domain is not valid: No logon servers

',

          'exit' => 255,
          'stdout' => ''
};

Resolution

Please update Samba to version 3.0.32 or later.
  1. Ensure the serviceswinbind, nmbandsmbare not active / running:
    rcwinbind stop ; rcnmb stop ; rcsmb stop
  2. Use the YaST2 module 'Kerberos Client' to configure the domain settings
     
  3. Edit as user root the file/etc/samba/smb.conf and set the following options in the global section

    workgroup = DOMAINNAME
    password server = IP_OF_PASSWORD_SERVER
    realm = KERBEROS_REALM
    security = ads

    Save the changes and close the file.
     
  4. Run as root the command

    net ads join -U Administrator@DOMAIN

    Enter the Administrator password when being asked.
     
  5. Once the command completed successfully start the services winbind, nmb and smb using

    rcwinbind start ; rcnmb start ; rcsmb start
     
  6. Check using smbclient if authentication against the password server works:

    smbclient -L SMB-SERVER -U USERNAME

    If authentication works properly all available shares of SMB-SERVER will be displayed

Additional Information

Root cause

When called the YaST2 Windows Domain Membership module writes a temporary smb.conf and krb5.conf which are being used to connect to the domain. However, since the password server is not included in the temporary configuration a join is not possible.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7000207
  • Creation Date: 25-Apr-2008
  • Modified Date:14-Mar-2021
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community
tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

Support FAQ
tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center